This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/0f1aaf-b173-4ce1-bcba-cc353ebacba6/1/QxxX4ZIdMaNK69EuUHoTb-BFmMY.mft File: QxxX4ZIdMaNK69EuUHoTb-BFmMY.mft (raw, json) Hash identifier: OmjIJqeFzggcz9hy0bmFuuWNsxdKVjAzUN8uG79L738= Subject key identifier: 8F:CE:4A:F5:EC:3D:6E:6B:68:A6:5F:75:61:E1:46:38:A2:89:C1:5E Authority key identifier: 43:1C:57:E1:92:1D:31:A3:4A:EB:D1:2E:50:7A:13:6F:E0:45:98:C6 Certificate issuer: /CN=431c57e1921d31a34aebd12e507a136fe04598c6 Certificate serial: 019B6656399A023C227E7062B19AFA2665C6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QxxX4ZIdMaNK69EuUHoTb-BFmMY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/0f1aaf-b173-4ce1-bcba-cc353ebacba6/1/QxxX4ZIdMaNK69EuUHoTb-BFmMY.mft Manifest number: 055A Signing time: Sun 28 Dec 2025 19:01:25 +0000 Manifest this update: Sun 28 Dec 2025 19:01:25 +0000 Manifest next update: Mon 29 Dec 2025 19:01:25 +0000 Files and hashes: 1: QxxX4ZIdMaNK69EuUHoTb-BFmMY.crl (hash: nvtILo2vBr+JLTx7rKuHhelV4t/uGPRvU4m1qlk4NWo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/0f1aaf-b173-4ce1-bcba-cc353ebacba6/1/QxxX4ZIdMaNK69EuUHoTb-BFmMY.crl rsync://rpki.ripe.net/repository/DEFAULT/65/0f1aaf-b173-4ce1-bcba-cc353ebacba6/1/QxxX4ZIdMaNK69EuUHoTb-BFmMY.mft rsync://rpki.ripe.net/repository/DEFAULT/QxxX4ZIdMaNK69EuUHoTb-BFmMY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 29 Dec 2025 19:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:66:56:39:9a:02:3c:22:7e:70:62:b1:9a:fa:26:65:c6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=431c57e1921d31a34aebd12e507a136fe04598c6 Validity Not Before: Dec 28 19:01:25 2025 GMT Not After : Dec 29 19:01:25 2025 GMT Subject: CN=8fce4af5ec3d6e6b68a65f7561e14638a289c15e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:e6:2e:86:03:ff:28:aa:31:df:88:26:c0:01: 17:4d:5b:36:16:80:c8:fe:b8:b9:3b:f1:e6:04:7d: fd:f7:18:42:bb:1f:59:e9:c0:62:aa:3c:e9:1a:07: f6:fe:15:18:b3:f1:83:91:69:4a:bf:bc:08:22:e9: 0c:f1:65:bf:15:e8:4c:15:bc:4a:59:75:f3:7a:c9: 3d:9b:48:84:8d:38:15:2d:77:2d:c6:8d:10:82:63: 52:47:3a:67:21:28:e0:79:5f:fe:5b:f3:0a:21:7f: 0e:ef:10:b3:72:4b:c3:67:9e:8c:89:5e:98:21:ab: b8:5c:ca:14:c7:5b:3f:83:3b:e8:d4:03:1a:78:df: e9:61:03:ed:54:5d:8f:80:8f:b0:2b:68:a3:27:dd: ab:c7:7d:de:42:ed:97:e0:76:e3:d9:58:e9:ed:0b: 81:9b:8e:28:3d:f7:e2:28:dc:94:8e:37:c2:32:93: 22:6d:61:e5:5c:56:d9:54:64:17:88:56:67:05:16: 7d:99:98:c6:15:c9:8c:ee:2f:31:43:6f:67:ae:94: 07:15:27:83:a4:0a:af:55:db:c5:7b:a9:0a:04:a6: 7a:2d:73:fc:ba:08:ff:fc:89:b9:5c:73:f0:66:e6: c9:4d:3c:b7:aa:b3:08:84:30:1e:b5:16:81:31:18: 21:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:CE:4A:F5:EC:3D:6E:6B:68:A6:5F:75:61:E1:46:38:A2:89:C1:5E X509v3 Authority Key Identifier: keyid:43:1C:57:E1:92:1D:31:A3:4A:EB:D1:2E:50:7A:13:6F:E0:45:98:C6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QxxX4ZIdMaNK69EuUHoTb-BFmMY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/0f1aaf-b173-4ce1-bcba-cc353ebacba6/1/QxxX4ZIdMaNK69EuUHoTb-BFmMY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/65/0f1aaf-b173-4ce1-bcba-cc353ebacba6/1/QxxX4ZIdMaNK69EuUHoTb-BFmMY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0b:1b:fd:9d:ac:96:b8:9a:5e:5c:43:bf:b6:53:63:29:4b:90: 2e:84:98:f7:97:d0:b9:b3:b6:56:a5:e5:d9:e9:e4:5b:30:bc: c3:4f:88:5e:65:76:f8:a9:78:55:ea:35:ed:87:19:16:5b:11: 63:db:0a:ef:9a:6c:d7:a8:74:9d:09:c5:88:24:e1:71:79:8f: d4:f8:78:3e:6e:3c:85:56:85:2c:03:92:f8:33:a5:ee:6f:e4: 8e:25:a1:27:38:98:5b:d6:6f:21:df:f8:ee:5c:87:ae:f7:75: d6:78:1d:a3:a1:cf:f3:c2:95:29:bb:34:01:b7:a1:9e:af:e5: 82:2c:0f:ba:eb:44:5d:f9:1b:bd:84:f3:81:4e:bb:96:11:13: 0a:e9:14:2c:cc:f1:65:3c:1e:cd:7f:43:df:1a:85:5f:0e:bf: cc:c6:ca:ed:36:cb:cf:52:3e:17:36:1d:6b:c1:26:23:f8:32: e4:ef:44:11:dc:3f:13:4b:c0:33:1d:d9:36:22:8f:fa:c6:00: 62:96:56:a3:11:32:d4:54:74:1c:f6:98:cb:2c:89:44:29:3f: 27:69:ce:00:3b:41:f5:f1:8e:85:7c:43:c0:11:c5:c2:b6:c8: 60:a5:8d:e7:56:26:52:8c:05:59:d2:85:f8:91:3e:55:5b:d5: 1c:01:97:99 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtmVjmaAjwifnBisZr6JmXGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQzMWM1N2UxOTIxZDMxYTM0YWViZDEyZTUwN2ExMzZmZTA0 NTk4YzYwHhcNMjUxMjI4MTkwMTI1WhcNMjUxMjI5MTkwMTI1WjAzMTEwLwYDVQQD Eyg4ZmNlNGFmNWVjM2Q2ZTZiNjhhNjVmNzU2MWUxNDYzOGEyODljMTVlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5+YuhgP/KKox34gmwAEXTVs2FoDI /ri5O/HmBH399xhCux9Z6cBiqjzpGgf2/hUYs/GDkWlKv7wIIukM8WW/FehMFbxK WXXzesk9m0iEjTgVLXctxo0QgmNSRzpnISjgeV/+W/MKIX8O7xCzckvDZ56MiV6Y Iau4XMoUx1s/gzvo1AMaeN/pYQPtVF2PgI+wK2ijJ92rx33eQu2X4Hbj2Vjp7QuB m44oPffiKNyUjjfCMpMibWHlXFbZVGQXiFZnBRZ9mZjGFcmM7i8xQ29nrpQHFSeD pAqvVdvFe6kKBKZ6LXP8ugj//Im5XHPwZubJTTy3qrMIhDAetRaBMRghlQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFI/OSvXsPW5raKZfdWHhRjiiicFeMB8GA1UdIwQY MBaAFEMcV+GSHTGjSuvRLlB6E2/gRZjGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUXh4WDRaSWRNYU5LNjlFdVVIb1RiLUJGbU1ZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wZjFhYWYtYjE3My00Y2UxLWJjYmEt Y2MzNTNlYmFjYmE2LzEvUXh4WDRaSWRNYU5LNjlFdVVIb1RiLUJGbU1ZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NS8wZjFhYWYtYjE3My00Y2UxLWJjYmEtY2MzNTNlYmFjYmE2 LzEvUXh4WDRaSWRNYU5LNjlFdVVIb1RiLUJGbU1ZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACxv9nayW uJpeXEO/tlNjKUuQLoSY95fQubO2VqXl2enkWzC8w0+IXmV2+Kl4Veo17YcZFlsR Y9sK75ps16h0nQnFiCThcXmP1Ph4Pm48hVaFLAOS+DOl7m/kjiWhJziYW9ZvId/4 7lyHrvd11ngdo6HP88KVKbs0Abehnq/lgiwPuutEXfkbvYTzgU67lhETCukULMzx ZTwezX9D3xqFXw6/zMbK7TbLz1I+FzYda8EmI/gy5O9EEdw/E0vAMx3ZNiKP+sYA YpZWoxEy1FR0HPaYyyyJRCk/J2nOADtB9fGOhXxDwBHFwrbIYKWN51YmUowFWdKF +JE+VVvVHAGXmQ== -----END CERTIFICATE-----Generated at Sun Dec 28 23:43:36 2025 by rpki-client